IoT Security & Privacy: Literature Review

Verified

Added on  2023/06/08

|8
|1987
|72
AI Summary
This literature review covers the security and privacy concerns associated with IoT. It includes relevant technologies & applications, challenges/problems in IoT security, and a review of literature on IoT security & privacy. The report also suggests future research directions to mitigate the identified gaps.

Contribute Materials

Your contribution can guide someone’s learning journey. Share your documents today.
Document Page
qwertyuiopasdfghjklzxcvbnmqw
ertyuiopasdfghjklzxcvbnmqwert
yuiopasdfghjklzxcvbnmqwertyui
opasdfghjklzxcvbnmqwertyuiop
asdfghjklzxcvbnmqwertyuiopasd
fghjklzxcvbnmqwertyuiopasdfgh
jklzxcvbnmqwertyuiopasdfghjkl
zxcvbnmqwertyuiopasdfghjklzxc
vbnmqwertyuiopasdfghjklzxcvb
nmqwertyuiopasdfghjklzxcvbnm
qwertyuiopasdfghjklzxcvbnmqw
ertyuiopasdfghjklzxcvbnmqwert
yuiopasdfghjklzxcvbnmqwertyui
opasdfghjklzxcvbnmqwertyuiop
asdfghjklzxcvbnmqwertyuiopasd
fghjklzxcvbnmqwertyuiopasdfgh
jklzxcvbnmrtyuiopasdfghjklzxcv
Information Security
Literature Review
9/14/2018

Secure Best Marks with AI Grader

Need help grading? Try our AI Grader for instant feedback on your assignments.
Document Page
IoT Security & Privacy: Literature Review
Abstract
Internet of Things (IoT) is one of the emerging technologies which are being used by various
industries and business sectors. The technology has given its users with connected and smart
platforms along with several other benefits. There are certain concerns that are associated
with the technology and its applications. Security and privacy are the two major concerns that
are associated with IoT. The report covers a literature review on the IoT Security and Privacy
and includes the areas addressed and the gaps identified.
Keywords: IoT, Internet, Security, Controls, Privacy
1
Document Page
IoT Security & Privacy: Literature Review
Table of Contents
Abstract.................................................................................................................................................1
Introduction...........................................................................................................................................3
Relevant Technologies & Applications.................................................................................................3
IoT Security & Privacy: Literature Review...........................................................................................3
Future Research Directions & Conclusion.............................................................................................5
References.............................................................................................................................................7
2
Document Page
IoT Security & Privacy: Literature Review
Introduction
Internet of Things (IoT) provides an inter-connected framework of different components and
devices. Internet of Things (IoT) is one of the emerging technologies which are being used by
various industries and business sectors. The technology has given its users with connected
and smart platforms along with several other benefits. There are certain concerns that are
associated with the technology and its applications. Security and privacy are the two major
concerns that are associated with IoT.
Relevant Technologies & Applications
Some of the popular applications of IoT are used in the healthcare industry and these include
smart healthcare systems, remote & tele-health monitoring system. The other applications
include smart city application, smart parking system, office & home automation system,
smart retail management system, and many more.
Challenges/Problems in IoT Security
There are security and privacy issues in information security that are currently witnessed.
These include cryptanalysis attacks, malware attacks, injection attacks, data breaches, data
leakage, and device-based attacks.
There are vulnerabilities associated with IoT applications, such as unsecure network
connections, unsecure access points, etc. These enhance the probability of the security and
privacy attacks.
IoT Security & Privacy: Literature Review
One of the most popular security techniques that are used is cryptography and encryption.
However, the usual encryption processes do not succeed in the case of IoT applications due to
multiple components involved. The author has covered the various cryptanalysis attacks that
emerge as a result. These may be of varied forms, such as ciphertext-only attacks, plaintext
attacks, differential attacks, integral attacks, etc. Side-channel attacks are also one of the
cryptanalysis attacks that are carried out. The author has suggested that multi-path encryption
and use of passwords along with cryptography algorithm shall be used to avoid such attacks.
3

Secure Best Marks with AI Grader

Need help grading? Try our AI Grader for instant feedback on your assignments.
Document Page
IoT Security & Privacy: Literature Review
The author has not listed the use of communication protocols that may be done to put a check
on the cryptanalysis attacks (Maple, 2017).
Malware attacks are also very common in the case of computing applications and IoT
technology. One of the latest forms of malware that is being frequently launched by the
attackers is ransomware. It is a malware in which the attackers block the access to a system or
an application and demand ransom to unblock the same. The ransom is demanded in the form
of cryptocurrency. IoT applications are also exposed to the ransomware attacks due to the
presence of several access points in varied components that may be used to launch the attack.
The authors have described the process that is involved in the ransomware attacks. The use of
anti-malware tools with ransomware protection has been recommended to prevent and
control the attack. The authors have not described the recent ransomware attacks in detail
(Latif & Zafar, 2017).
IoT devices are developed for the end-users and these users can access these applications
through a web interface that is developed as a website or mobile application. These web
interfaces come with their own security loopholes. For example, the user may utilize weaker
and common passwords which may be easily guessed by the attackers and an unauthorized
access may be allowed. There may be security vulnerabilities that may be present with these
interfaces and these are explored by the authors in the research work. There are different
forms of injection attacks that may also be carried out as XML or SQL injection attacks and
cross site scripting attacks. The authors have recommended the use of role-based access
control as one of the measures to deal with the security vulnerabilities in web interfaces. The
use of multi-fold authentication is also suggested by the authors (Gopi & Rao, 2018). The
authors have not covered the use of session management as the security control.
Breaching of the data sets and the loss of the data over IoT network is frequently being
observed. This is because IoT applications are made up of several components that may have
different security architecture and protocols applied. The increased number of components
also results in the increased number of access points and one or more than one such access
points may not be secure. These unsecure access points may be utilized to cause data breach
or steal the data sets. The mechanisms that are usually used by the malicious entities are
explored by the authors and covered in the research work. The authors have recommended
the use of basic and advanced security methods. However, the involvement of other
technologies in IoT security is not covered (Pishva, 2017).
4
Document Page
IoT Security & Privacy: Literature Review
There are different devices that are used in the IoT applications. Computer systems or
Smartphones are used by the end-users to access the web interface developed for the IoT
application. There are other networking peripherals and devices along with sensors, servers,
and mobile devices involved. Each of these devices includes data and information sets
associated with the IoT application. The stealing of any of these devices by malevolent entity
may compromise the security and privacy of the entire application as the critical data sets will
be captured. The authors have covered these device-based security risks and the attack
prevention methods that may be used. Device tracker is one such measure that may be used to
track the device if it gets stolen or is lost. The authors have not covered the involvement of
other technologies to prevent the attacks (Yang, Wu, Yin, Li & Zhao, 2017).
IoT applications work on the basis of the hardware, software, and networking components.
Network security is essential for these applications and the same has been explored by the
authors in the research work. The primary category of security and privacy attacks on the IoT
applications are the network-based security attacks. These attacks are given shape to impact
the information and data properties as availability, privacy, integrity, and confidentiality.
(Geneiatakis et al., 2017). The authors have described some of these network attacks as data
manipulation attacks, denial of service attacks, eavesdropping attacks, distributed denial of
service attacks, man in the middle attacks, etc. The authors have also suggested the use of
network security controls like intrusion detection and prevention systems and anti-denial
tools to prevent these attacks from occurring. However, the other controls using Business
Intelligence concepts are not illustrated.
Some of the critical issues that have been identified are network-based security attacks,
ransomware attacks, device-based attacks, data breaches, and cryptanalysis attacks.
The authors in their research work have covered the privacy preserving techniques that may
be used in association with the IoT applications. These techniques have been described in the
categories as technical, administrative, and logical controls. The authors have described the
use of anti-malware and anti-denial tools that may be done. They have also covered the use of
basic security measures like firewalls and proxy servers that may be helpful. Access control
measures and authentication processes have also been covered (Hussain & Kaliya, 2018). The
authors have not described the role of other technologies, such as Big Data or Cloud
Computing in IoT security and privacy.
5
Document Page
IoT Security & Privacy: Literature Review
Future Research Directions & Conclusion
The areas that have been addressed along with gaps & critical issues have been included in
the section above. The future research processes must keep their focus on the use of other
emerging technologies, such as Cloud Computing, Artificial Intelligence, smart sensor
networks, and Big Data on the security and privacy of IoT. There are communication
protocols that can be used along with the encryption algorithms to avoid the cryptanalysis
attacks that shall be researched upon. Access control and authentication measures are also
being improved and enhanced with the passage of time. The use of these controls along with
user session management is one of the IoT security areas that shall be explored. There are
business intelligence concepts and patterns that may be used to have a deeper understanding
of the networking activities, user actions, and likewise. These shall be useful in putting a
check on the security and privacy attacks.
The use of the security controls included in the literature review and the research on the gaps
identified will result in the mitigation and control of such occurrences.
6

Paraphrase This Document

Need a fresh take? Get an instant paraphrase of this document with our AI Paraphraser
Document Page
IoT Security & Privacy: Literature Review
References
Geneiatakis, D., Kounelis, I., Neisse, R., Nai-Fovino, I., Steri, G., & Baldini, G. (2017).
Security and privacy issues for an IoT based smart home. 2017 40Th International
Convention On Information And Communication Technology, Electronics And
Microelectronics (MIPRO). doi: 10.23919/mipro.2017.7973622
Gopi, A., & Rao, M. (2018). Survey of privacy and security issues in IoT. International
Journal Of Engineering & Technology, 7(2.7), 293. doi: 10.14419/ijet.v7i2.7.10600
Hussain, M., & Kaliya, N. (2018). An Improvised Framework for Privacy Preservation in
IoT. International Journal Of Information Security And Privacy, 12(2), 46-63. doi:
10.4018/ijisp.2018040104
Latif, S., & Zafar, N. (2017). A survey of security and privacy issues in IoT for smart cities.
2017 Fifth International Conference On Aerospace Science & Engineering (ICASE).
doi: 10.1109/icase.2017.8374288
Maple, C. (2017). Security and privacy in the internet of things. Journal Of Cyber Policy,
2(2), 155-184. doi: 10.1080/23738871.2017.1366536
Pishva, D. (2017). Internet of Things: Security and privacy issues and possible solution. 2017
19Th International Conference On Advanced Communication Technology (ICACT).
doi: 10.23919/icact.2017.7890229
Yang, Y., Wu, L., Yin, G., Li, L., & Zhao, H. (2017). A Survey on Security and Privacy
Issues in Internet-of-Things. IEEE Internet Of Things Journal, 4(5), 1250-1258. doi:
10.1109/jiot.2017.2694844
7
1 out of 8
circle_padding
hide_on_mobile
zoom_out_icon
[object Object]

Your All-in-One AI-Powered Toolkit for Academic Success.

Available 24*7 on WhatsApp / Email

[object Object]